Paper 2024/1282

NTRU+PKE: Efficient Public-Key Encryption Schemes from the NTRU Problem

Jonghyun Kim, Korea University
Jong Hwan Park, Sangmyung University
Abstract

We propose a new NTRU-based Public-Key Encryption (PKE) scheme called $\mathsf{NTRU+}\mathsf{PKE}$, which effectively incorporates the Fujisaki-Okamoto transformation for PKE (denoted as $\mathsf{FO}_{\mathsf{PKE}}$) to achieve chosen-ciphertext security in the Quantum Random Oracle Model (QROM). While $\mathsf{NTRUEncrypt}$, a first-round candidate in the NIST PQC standardization process, was proven to be chosen-ciphertext secure in the Random Oracle Model (ROM), it lacked corresponding security proofs for QROM. Our work extends the capabilities of the recent $\mathsf{ACWC}_{2}$ transformation, proposed by Kim and Park in 2023, by demonstrating that an $\mathsf{ACWC}_{2}$-transformed scheme can serve as a sufficient foundation for applying $\mathsf{FO}_\mathsf{PKE}$. Specifically, we show that the $\mathsf{ACWC}_{2}$-transformed scheme achieves (weak) $\gamma$-spreadness, an essential property for constructing an IND-CCA secure PKE scheme. Moreover, we provide the first proof of the security of $\mathsf{FO}_\mathsf{PKE}$ in the QROM. Finally, we show that $\mathsf{FO}_\mathsf{PKE}$ can be further optimized into a more efficient transformation, $\overline{\mathsf{FO}}_\mathsf{PKE}$, which eliminates the need for re-encryption during decryption. By instantiating an $\mathsf{ACWC}_{2}$-transformed scheme with appropriate parameterizations, we construct $\mathsf{NTRU+}\mathsf{PKE}$, which supports 256-bit message encryption. Our implementation results demonstrate that at approximately a classical 180-bit security level, $\mathsf{NTRU+}\mathsf{PKE}$ is about 2 times faster than \textsc{Kyber} + AES-256-GCM in AVX2 mode.

Metadata
Available format(s)
PDF
Category
Public-key cryptography
Publication info
Preprint.
Keywords
NTRURLWELattice-based cryptographyPost-quantum cryptography
Contact author(s)
yoswuk @ korea ac kr
jhpark @ smu ac kr
History
2024-09-02: revised
2024-08-14: received
See all versions
Short URL
https://ia.cr/2024/1282
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2024/1282,
      author = {Jonghyun Kim and Jong Hwan Park},
      title = {{NTRU}+{PKE}: Efficient Public-Key Encryption Schemes from the {NTRU} Problem},
      howpublished = {Cryptology {ePrint} Archive, Paper 2024/1282},
      year = {2024},
      url = {https://eprint.iacr.org/2024/1282}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.